CVE-2021-36153
HIGHCVSS 7.5/10EPSS 2.08%
Last modified
CVE-2021-36153 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. Mismanaged state in GRPCWebToHTTP2ServerCodec.swift in gRPC Swift 1.1.0 and 1.1.1 allows remote attackers to deny service by sending malformed requests.. EPSS estimates a 2.08% chance of exploitation in the next 30 days.
Description
Mismanaged state in GRPCWebToHTTP2ServerCodec.swift in gRPC Swift 1.1.0 and 1.1.1 allows remote attackers to deny service by sending malformed requests.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Linuxfoundation | Grpc Swift | 1.1.0 |
| Linuxfoundation | Grpc Swift | 1.1.1 |
References
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35267Mailing List, Third Party Advisory
- https://github.com/grpc/grpc-swift/releasesRelease Notes, Third Party Advisory
- https://github.com/grpc/grpc-swift/security/advisories/GHSA-2jx2-qcm4-rf9hThird Party Advisory
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35267Mailing List, Third Party Advisory
- https://github.com/grpc/grpc-swift/releasesRelease Notes, Third Party Advisory
- https://github.com/grpc/grpc-swift/security/advisories/GHSA-2jx2-qcm4-rf9hThird Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2021-36153?
Mismanaged state in GRPCWebToHTTP2ServerCodec.swift in gRPC Swift 1.1.0 and 1.1.1 allows remote attackers to deny service by sending malformed requests.
How severe is CVE-2021-36153?
CVE-2021-36153 has a CVSS score of 7.5/10 (HIGH severity). The EPSS model estimates a 2.08% probability of exploitation in the next 30 days.
How do I fix CVE-2021-36153?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2021-36153?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST